Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood.

Aside from the obvious issues with the fact that 99% of linux users run as a normal user, while 99% of windows users run as admin (and its a pain in the ass not to)...

There is the basic design of the OS to content with too...

Linux has a package manager, and the package manager can detect if any files it installed have been modified, sure if you have root you can modify the database too but you would need your malware to support every package manager.

Linux is much simpler and far more modular, the places where malware and security issues can hide are well understood, windows on the other hand is much larger and massively more complicated.

Linux has a logical filesystem layout, with consistent permissions... Binaries go in /bin, libraries go in /lib etc, windows dumps everything in system32 so the typical user has absolutely no idea what's supposed to be there. A normal user has no need to write to the system dirs, and therefore can't.

Linux is not a monoculture, there are many linux distributions that use different methods to start programs at boot or store checksums of installed packages etc, a piece of malware may run on any distro, but certain parts of it (like its ability to survive a reboot or try to cover its tracks) may not work, not to mention all the other os's which are mostly source level compatible with linux (bsd, solaris, etc).

Linux has mount options - you can mount certain areas without execute privileges, and it makes sense to use this feature on /home and any temporary areas... Malware downloaded to such areas would not even run.